getRequestsByHour.RdGets activity volume within timeframe
getRequestsByHour( type, from, to, domains = NULL, urls = NULL, categories = NULL, policycategories = NULL, ip = NULL, ports = NULL, identityids = NULL, identitytypes = NULL, applicationid = NULL, verdict = NULL, securityoverridden = NULL, bundleid = NULL, threats = NULL, threattypes = NULL, ampdisposition = NULL, sha256 = NULL, antivirusthreats = NULL, offset = 0, limit = 100, organizationId = Sys.getenv("umbrellaOrganizationId") )
| type | the type of entries used to calculate the result (dns, proxy, firewall) |
|---|---|
| from | timestamp to filter from (or relative, e.g. -1days) |
| to | timestamp to filter to (or relative, e.g. now) |
| domains | domain filter, comma delimited |
| urls | url filter, comma delimited |
| categories | categories filter, comma delimited ints |
| policycategories | policy-triggering categories filter, comma delimited ints |
| ip | ip filter |
| ports | 81 - port filter, comma delimited ports and ranges |
| identityids | identity filter, comma delimited |
| identitytypes | identity type filter, comma delimited. |
| applicationid | application id filter |
| verdict | verdict filter, comma delimited |
| securityoverridden | whether security was overridden for this request |
| bundleid | proxy bundle ID |
| threats | threat names filter, comma delimited |
| threattypes | threat types filter, comma delimited |
| ampdisposition | AMP disposition filter, comma delimited |
| sha256 | sha256 filter |
| antivirusthreats | threat names caught by antivirus, comma delimited |
| offset | offset |
| limit | limit |
| organizationId | the organization id |